home/categories/debugging/mukul975-anthropic-cybersecurity-skills-skills-analyzing-kubernetes-audit-logs-skill-md
debuggingtools
analyzing-kubernetes-audit-logs
Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.
maintainer
mukul975
अपडेट किया गया 4/6/2026
स्टार
4240
फोर्क
464
quick start
Installation and usage
Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.
इंस्टॉलेशन
$ install --globalskills.sh
उपयोग
इंस्टॉल करने के बाद, आप टर्मिनल में यह कमांड चलाकर इस स्किल का उपयोग कर सकते हैं:
skills use analyzing-kubernetes-audit-logs